Croatia Control Ltd., Rudolfa Fizira 2, Velika Gorica (hereinafter: "CCL") protects the privacy of its users through this Privacy Policy, and takes care of their personal data in line with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, and the Act on Implementation of the General Data Protection Regulation (Croatian Official Gazette No. 42/18).

CCL undertakes to process personal data exclusively in accordance with the principles of the Regulation.

CCL established the personal data protection management structure by determining and assigning the roles, responsibilities, processing rules and principles, safeguards, through impact assessment, reporting, supervision, and continuous raising of awareness in the field of personal data protection.

CCL continuously implements appropriate technical and organizational personal data protection measures, taking into account the nature, scope, context, and purposes of processing, as well as personal data protection risk exposure, to ensure and be able to prove that processing is carried out in accordance with the personal data protection provisions and best practices.

This Privacy Policy can be restated or amended at any time without prior notice. By using CCL's website after the restatement or amendment, you agree to those amendments.

Controller and Data Protection Officer

The controller shall be CCL.

CCL's processors of your personal data are bound by CCL to act as set forth herein.

CCL's designated data protection officer is available at the following e-mail: dpo@crocontrol.hr.

Lawfulness, Fairness, and Transparency

Your personal data shall be processed by CCL only on the basis of a legal obligation, your consent or other legitimate interests.

Information on the access to your data, the process of lodging a complaint, making a request to update your data can be obtained from the data protection officer at the following e-mail: dpo@crocontrol.hr.

Purpose Limitation

Your personal data shall be collected for specified and legitimate purposes and processed in a manner that is compatible with those purposes.

Personal data that we collect are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. The controller (CCL) and the processor shall not collect any personal data which are not relevant for the purposes for which they are processed.

Data Accuracy and Integrity

It is necessary that the collected and stored personal data are accurate and up to date. CCL shall take every reasonable step to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are rectified or erased without delay.

Freedom of Choice

You decide on the personal data that you submit to CCL. Should you decide not to submit your personal data to CCL, you may not have full access to certain sites/functions of the website.

To protect your personal data submitted via this website, CCL uses physical, technical and organizational security measures, and it continuously upgrades and tests its security technology. Access to your personal data is enabled only to those persons who need to have it to perform certain tasks or provide services that are of benefit to you. Apart from that, CCL educates its employees about the importance of confidentiality, privacy, and protection of your data.

Questions and Comments

CCL shall accept all reasonable requests to rectify, complete or erase your personal data. Should you have any questions or comments on the Privacy Policy, please send your request at the following e-mail: dpo@crocontrol.hr.

Right to Lodge a Complaint with a Supervisory Authority

At any time, you can lodge a complaint with a supervisory authority in relation to the collecting and processing of your personal data by CCL. In the Republic of Croatia a complaint can be lodged with the Croatian Personal Data Protection Agency.